DataDome's "2024 Global Bot Security Report" found that 95 percent of advanced bot attacks go undetected, emphasizing the need for better detection and mitigation strategies. Some organizations may have basic defenses but need to prepare for more sophisticated attacks involving Artificial Intelligence (AI) and Machine Learning (ML). Recent statistics show that organizations must prioritize and strengthen security against bot attacks. According to DataDome, 65 percent of websites are vulnerable to bot attacks. This article continues to discuss recent findings regarding bot attacks.

"GoldenJackal," an Advanced Persistent Threat (APT) hacking group, successfully breached air-gapped government systems in Europe. The APT group used two custom toolsets to steal sensitive data such as emails, encryption keys, images, archives, and documents. According to ESET, this occurred at least twice against the embassy of a South Asian country in Belarus and a European government organization. This article continues to discuss new findings regarding GoldenJackal's attacks on air-gapped government systems. 

According to the security vendor Egress, phishing attempts increased 28 percent in the second quarter of the year as threat actors gained new tools. An analysis of phishing kits offered for sale on the dark web found that 75 percent advertised Artificial Intelligence (AI) capability. This article continues to discuss findings regarding the rise in phishing attacks.

SC Media reports "Phishing Attacks Armed With AI Capabilities Are on the Rise"

Submitted by grigby1

The 2024 "Tenable Cloud Risk Report" found that 38 percent of organizations worldwide face critical exposures due to a mix of security gaps in modern cloud environments. The report identified a "toxic cloud triad" of publicly exposed, critically vulnerable, and highly privileged cloud workloads that put these companies at risk. This triad makes them vulnerable to cyberattacks that could disrupt applications, take over systems, and steal data. This article continues to discuss key findings regarding cloud security risks.

According to the US Department of Justice (DoJ), a Ukrainian national named Mark Sokolovsky pleaded guilty to operating the "Raccoon Infostealer" malware in US federal court. Sokolovsky was previously accused of being one of the "key administrators" of the malware that steals email addresses, ID numbers, bank account details, and cryptocurrency information. Raccoon Infostealer was sold as Malware-as-a-Service (MaaS) for $200 per month in cryptocurrency. This article continues to discuss the Raccoon Infostealer malware and the Ukrainian national who has pleaded guilty to running it.

The US Department of Health and Human Services (HHS) warns of "Trinity" ransomware attacks on healthcare and public health organizations. HHS notes that Trinity, a relatively new ransomware family first seen in May 2024, adds the '.trinitylock' extension to encrypted files. It has similarities to "2023Lock" and "Venus" ransomware. This article continues to discuss the Trinity ransomware attacks faced by the healthcare sector.  

Secureworks has seen a 30 percent year-over-year increase in active ransomware groups despite law enforcement efforts to stop ransomware gangs. The company's eighth annual "State of the Threat Report" identified 31 new ransomware groups that had emerged in the past 12 months. According to the report, the threat landscape has shifted from a few big players to a wider range of emerging entities. The three most active ransomware groups by number of victims are "LockBit," "PLAY," and "RansomHub." This article continues to discuss key findings from Secureworks' State of The Threat Report.

Danish company LEGO recently had its official website compromised on the evening of Oct. 4 to promote a cryptocurrency scam. Attackers placed an ad on the Lego website homepage that urged visitors to click a link that would "unlock secret rewards," which redirects to a third-party marketplace enabling purchases of the fraudulent LEGO token with Ethereum. The company immediately took down the banner ad. The company said no user accounts have been compromised, and customers can continue shopping as usual.